[13] RFR: 8202414: Unsafe write after primitive array creation may result in array length change

Rahul Raghavan rahul.v.raghavan at oracle.com
Mon Mar 25 09:30:49 UTC 2019


Hi,

Requesting help to review the following revised fix proposal for JDK-8202414.

<webrev.01> - http://cr.openjdk.java.net/~rraghavan/8202414/webrev.01/

Though I did not receive comments on the earlier '8202414/webrev.00',
on checking it again the same seems to be wrong or too restrictive.
So I tried the revised changes -

intptr_t InitializeNode::can_capture_store(StoreNode* st, 
PhaseTransform* phase, bool can_reshape) {
    const int FAIL = 0;
    if (st->is_unaligned_access()) {
      return FAIL;
    }
+  if ((st->memory_size() >= BytesPerInt) && ((get_store_offset(st, 
phase) % BytesPerInt) != 0)) {
+    return FAIL;
+  }
    if (st->req() != MemNode::ValueIn + 1)
      return FAIL;                // an inscrutable StoreNode (card mark?)
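Review bot: the new `memory_size() >= BytesPerInt` / `% BytesPerInt` condition carries no comment explaining why an int-or-wider store must sit at an int-aligned offset before it can be captured, while the neighbouring `// an inscrutable StoreNode (card mark?)` shows the function's convention of annotating each FAIL path; a one-line comment such as `// an int-or-wider store at a non-int-aligned offset may overlap the array header` would make the intent reviewable. Consider also evaluating `get_store_offset(st, phase)` once into a local (e.g. `intptr_t st_off = ...`) instead of calling it inline inside the condition, so the alignment test and any later use of the offset share one value. Note that the `+` line is wrapped onto two lines by the mail client here, so the inline excerpt is not an applicable patch; the webrev.01 link is the authoritative form.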

Confirmed no issues with reported 8202414 test case.
Also no issues for hs-tier1 to tier4, hs-precheckin-comp testing.
Please let me know if I missed something here.


Thanks,
Rahul



On 14/03/19 1:54 PM, Rahul Raghavan wrote:
> Hi,
> 
> Please review the following fix proposal for JDK-8202414.
> 
> Webrev - http://cr.openjdk.java.net/~rraghavan/8202414/webrev.00/
> 
> 
> -- Related links
>  > https://bugs.openjdk.java.net/browse/JDK-8202414
>  > 
> http://mail.openjdk.java.net/pipermail/hotspot-compiler-dev/2018-September/030536.html 
> 
> 
> 
> -- As per suggestions in JBS added following change in 
> InitializeNode::can_capture_store() to return false for unaligned stores.
> =============
> diff -r 3086f9259e97 src/hotspot/share/opto/memnode.cpp
> --- a/src/hotspot/share/opto/memnode.cpp Wed Mar 13 00:48:52 2019 -0400
> +++ b/src/hotspot/share/opto/memnode.cpp Wed Mar 13 19:50:07 2019 +0530
> @@ -3541,7 +3541,7 @@
>   // within the initialized memory.
>   intptr_t InitializeNode::can_capture_store(StoreNode* st, 
> PhaseTransform* phase, bool can_reshape) {
>     const int FAIL = 0;
> -  if (st->is_unaligned_access()) {
> +  if (st->is_unaligned_access() || ((get_store_offset(st, phase) % 
> BytesPerInt) != 0)) {
>       return FAIL;
>     }
>     if (st->req() != MemNode::ValueIn + 1)
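Review bot: the added `(get_store_offset(st, phase) % BytesPerInt) != 0` clause rejects every store whose offset is not a multiple of BytesPerInt regardless of the store's width, so naturally aligned byte and short stores at offsets such as 1 or 2 are also refused capture even though they cannot straddle an int-sized word; unless that loss is intended, the alignment test should be gated on the store size (e.g. `st->memory_size() >= BytesPerInt`) rather than combined unconditionally with `is_unaligned_access()`. The hunk header `@@ -3541,7 +3541,7 @@` also no longer matches the quoted text because the `+` line is wrapped onto two lines by the mail client, so this excerpt will not apply as-is; the webrev link is the authoritative form.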
> ==============
> 
> 
> -- Added the new jtreg test from the JBS unit test.
> (test/hotspot/jtreg/compiler/c2/Test8202414.java)
> Understood the test with unaligned access will not work for Sparc due to 
> hardware restrictions. The test always fails with a SIGBUS crash, with or 
> without the above fix. So added
>     @requires (os.arch != "sparc") & (os.arch != "sparcv9")
> 
> 
> -- Confirmed the above change solved the original reported 8202414 test 
> case failure. Also no issues so far for hs-tier1 to tier4, 
> hs-precheckin-comp testing.
> 
> -- Could not work out any related additions in 
> LibraryCallKit::inline_unsafe_access().
> Hope the above fix proposal is a correct, complete solution for the issue.
> 
> 
> Thanks,
> Rahul